On 22 Apr 2015, at 2:07pm, Paul Sanderson <sandersonforensics at gmail.com> wrote:
> You haven't said what operating system you are using Sorry, but I can't. However, the OS is strongly oriented towards security paranoia. As long as the proper OS calls are used to delete files and release memory, you can assume that they are unrecoverable, with all the stuff a forensic expert would hate. The same is true of any caching done at OS level or below (e.g. device drivers, storage which automatically manages sector usage, etc.). > This might be a level of access you are not concerned with - I guess > that all depends on how sensitive sensitive is :) You got it. But the platform (OS and hardware) is specially designed for this. As you suspected I'm concerned only at the level of filespace which is still in use. Simon.
